‼ CVE-2023-29059 ‼
📖 Read
via "National Vulnerability Database".
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the Electron macOS application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24473 ‼
📖 Read
via "National Vulnerability Database".
An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Organizations Reassess Cyber Insurance as Self-Insurance Strategies Emerge 🕴
📖 Read
via "Dark Reading".
Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.📖 Read
via "Dark Reading".
Dark Reading
Organizations Consider Self-Insurance to Manage Risk
Risk reassessment is shaking up the cybersecurity insurance market, leading some organizations to consider their options, including self-insurance.
‼ CVE-2023-24472 ‼
📖 Read
via "National Vulnerability Database".
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30350 ‼
📖 Read
via "National Vulnerability Database".
Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides users with a "white out" functionality for redacting images, text, and other graphics from a PDF document. However, this mechanism does not remove underlying text or PDF object specification information from the PDF. As a result, for example, redacted text may be copy-pasted by a PDF reader.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-22845 ‼
📖 Read
via "National Vulnerability Database".
An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30351 ‼
📖 Read
via "National Vulnerability Database".
PDFZorro PDFZorro Online r20220428 using TCPDF 6.2.5, despite having workflows claiming to correctly remove redacted information from a supplied PDF file, does not properly sanitize this information in all cases, causing redacted information, including images and text embedded in the PDF file, to be leaked unintentionally. In cases where PDF text objects are present it is possible to copy-paste redacted information into the system clipboard. Once a document is "locked" and marked for redaction once, all redactions performed after this feature is triggered are vulnerable.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43473 ‼
📖 Read
via "National Vulnerability Database".
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service 🕴
📖 Read
via "Dark Reading".
The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes.📖 Read
via "Dark Reading".
Dark Reading
Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service
The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes.
🕴 BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist 🕴
📖 Read
via "Dark Reading".
Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.📖 Read
via "Dark Reading".
Dark Reading
BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist
Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.
‼ CVE-2023-28646 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and before 3.24.1 an attacker that has access to the unlocked physical device can bypass the Nextcloud Android Pin/passcode protection via a thirdparty app. This allows to see meta information like sharer, sharees and activity of files. It is recommended that the Nextcloud Android app is upgraded to 3.24.1. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28644 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch before 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcloud Server is upgraded to 25.0.3. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28647 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain access to a users files. It is recommended that the Nextcloud iOS app is upgraded to 4.7.0. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-1734 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Affected is an unknown function of the file admin/products/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. VDB-224622 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23522 ‼
📖 Read
via "National Vulnerability Database".
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using `shutil.unpack_archive()` from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a **TarSlip** or a **ZipSlip variant**. Unpacking files using the high-level function `shutil.unpack_archive()` from a potentially malicious tarball without validating that the destination file path remained within the intended destination directory may cause files to be overwritten outside the destination directory. An attacker could craft a malicious tarball with a filename path, such as `../../../../../../../../etc/passwd`, and then serve the archive remotely using a personal bucket `s3`, thus, retrieve the tarball through **mindsdb** and overwrite the system files of the hosting server. This issue has been addressed in version 22.11.4.3. Users are advised to upgrade. Users unable to upgrade should avoid ingesting archives from untrusted sources.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-26482 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order to generate PDFs, invoking webhooks or running scripts on the server. Due to this combination depending on the available apps the issue can result in a RCE at the end. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. Users unable to upgrade should disable app `workflow_scripts` and `workflow_pdf_converter` as a mitigation.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28643 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to `{name} (2)`. It is recommended that the Nextcloud Server is upgraded to 25.0.3 or 24.0.9. Users unable to upgrade should avoid sharing 2 folders with the same name to the same user.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28835 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willing to brute force it. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. This issue only affects users who do not have a password policy enabled, so enabling a password policy is an effective mitigation for users unable to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-28833 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to overwrite these files by other means but this method could be exploited by tricking an admin into uploading a maliciously named file. It is recommended that the Nextcloud Server is upgraded to 24.0.10 or 25.0.4. Users unable to upgrade should avoid ingesting logo files from untrusted sources.📖 Read
via "National Vulnerability Database".
🕴 Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises 🕴
📖 Read
via "Dark Reading".
In a Solar Winds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's official, legitimate update mechanism, security firms warn.📖 Read
via "Dark Reading".
Dark Reading
Automatic Updates Deliver Malicious 3CX 'Upgrades' to Enterprises
In a SolarWinds-like attack, compromised, digitally signed versions of 3CX DesktopApp are landing on user systems via the vendor's update mechanism.
‼ CVE-2023-27534 ‼
📖 Read
via "National Vulnerability Database".
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.📖 Read
via "National Vulnerability Database".